csaf_redhat - RHSA-2024:0337

RHSA-2024:0337

Vulnerability from csaf_redhat

Published

2024-01-22 20:55

Modified

2025-10-04 00:57

Summary

Red Hat Security Advisory: RHACS 4.2 security update

Notes

Topic

Updated images are now available for Red Hat Advanced Cluster Security 4.2.4. The updated images includes security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

This release of RHACS 4.2.4 provides the following changes: * Fixed postgresql vulnerabilities in multiple images.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated images are now available for Red Hat Advanced Cluster Security 4.2.4.\nThe updated images includes security fixes.\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This release of RHACS 4.2.4 provides the following changes:\n\n* Fixed postgresql vulnerabilities in multiple images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0337",
        "url": "https://access.redhat.com/errata/RHSA-2024:0337"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://docs.openshift.com/acs/4.2/release_notes/42-release-notes.html",
        "url": "https://docs.openshift.com/acs/4.2/release_notes/42-release-notes.html"
      },
      {
        "category": "external",
        "summary": "2228111",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
      },
      {
        "category": "external",
        "summary": "2247168",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
      },
      {
        "category": "external",
        "summary": "2247169",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
      },
      {
        "category": "external",
        "summary": "2247170",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
      },
      {
        "category": "external",
        "summary": "ROX-21850",
        "url": "https://issues.redhat.com/browse/ROX-21850"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0337.json"
      }
    ],
    "title": "Red Hat Security Advisory: RHACS 4.2 security update",
    "tracking": {
      "current_release_date": "2025-10-04T00:57:20+00:00",
      "generator": {
        "date": "2025-10-04T00:57:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2024:0337",
      "initial_release_date": "2024-01-22T20:55:21+00:00",
      "revision_history": [
        {
          "date": "2024-01-22T20:55:21+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-01-22T20:55:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-04T00:57:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "RHACS 4.2 for RHEL 8",
                "product": {
                  "name": "RHACS 4.2 for RHEL 8",
                  "product_id": "8Base-RHACS-4.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Advanced Cluster Security for Kubernetes"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                  "product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                  "product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                  "product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                  "product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                  "product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                  "product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.2.4-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                "product": {
                  "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                  "product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.2.4-7"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64 as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x as a component of RHACS 4.2 for RHEL 8",
          "product_id": "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        },
        "product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x",
        "relates_to_product_reference": "8Base-RHACS-4.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Jingzhou Fu"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5868",
      "cwe": {
        "id": "CWE-686",
        "name": "Function Call With Incorrect Argument Type"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247168"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Memory disclosure in aggregate function calls",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247168",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5868",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5868"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5868/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postgresql: Memory disclosure in aggregate function calls"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Pedro Gallegos"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5869",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247169"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Buffer overrun from integer overflow in array modification",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247169",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5869",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5869"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5869/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "postgresql: Buffer overrun from integer overflow in array modification"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Mahendrakar Srinivasarao",
            "Hemanth Sandrana"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2023-5870",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-31T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2247170"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: Role pg_signal_backend can signal certain superuser processes.",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "RHBZ#2247170",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5870",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5870"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-5870/",
          "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
        }
      ],
      "release_date": "2023-11-09T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "postgresql: Role pg_signal_backend can signal certain superuser processes."
    },
    {
      "cve": "CVE-2023-39417",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "discovery_date": "2023-08-01T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2228111"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "postgresql: extension script @substitutions@ within quoting allow SQL injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Bundled extensions are not vulnerable. Also, PostgreSQL will block this attack in the core server, so there\u0027s no need to modify individual extensions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
        ],
        "known_not_affected": [
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
          "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "RHBZ#2228111",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39417",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39417"
        },
        {
          "category": "external",
          "summary": "https://www.postgresql.org/support/security/CVE-2023-39417",
          "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
        }
      ],
      "release_date": "2023-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-01-22T20:55:21+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3ad078dd63e1e351360f22a9233b43e65480db1a1786784512eda32305bbdc47_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:524cbd40a09e663dff41c6d1b6d822e462d01b5bb65e863f52de48b8e3276187_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-central-db-rhel8@sha256:92f428614e15a57e97cf97b9c2125c3af46c6acee412012c1d6976cbb1487e92_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:497b8f4a25052516d3c069ce9aeec51754a367a339067348b09344245bf1f209_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:4f0110eb786e9da04e5801dccf03172871e317a279d6fe960f97b8142ef394aa_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-rhel8@sha256:55b040ad3b7f6ed38b2cf9398b71060b025349da4a87ea01d3357fcc875c96a8_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:201c55160bed9df7248278aa0fdbc9d732a51b002960db881e8810289f707834_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:45c829805275b99311f86466e360f7def1ea953348feb30bec05238d462f908f_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:9b4e0d67dc891f5e2157d702bcb7ada6845295716924ce01e350344497e1464f_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:15f5cb1c277d2600e4eb87e9125f749cda70a670194cb52ac7c148eab153743e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d02399c94eeab210e1e1651270b6125d22e1ff96bfbad71a73632616938c2630_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-main-rhel8@sha256:d1988189d0813155bb5156c5e82753c499c7bbdb4415bc4cf8784153131d6d46_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:983e840645f92ac1d12fd74382f6807b7dc7a0e750954a23112cab39faa7de91_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:d12dd40975045afad1cd5575ced8ce5c443fd0f872bceca5a759233828a051e6_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-operator-bundle@sha256:fb51d5e662853c2900d07de06783a908bf6fc609d6ff261c199797465060a750_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:696b60167f9a06502d764a99acc857093b005b82fe12e7d2fe147934b82baf2c_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f802f517f043fa06bfd96c6f3258c9c0bcf028eb1c26c9b85803d146e35ca8b_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-rhel8-operator@sha256:9ae9ee59efa910c9d3d80ed5509ce0e22228a1fd189adfdfbe374cd221fbf9f4_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:07ab92c150e68f12b9f4a001787794abfd226162063d669df6fc4d24ff082775_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:50cc44f3036494275b85bcdb83723bc023d29fad766759a6c5f2d02e99e4ba69_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:fc350db1595d2d7b24e9256ce8161e56a7802b457900d9ef43e5067cd9e1c705_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:13127a3aa6c9b626a929bdaff4b5c58076a7d1b07037a9f125abc1efd293776c_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:d737c0eed1676a24123983d4d39051e62d6b01863352fa6c25b98e0d0869957d_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:de69ec7687b7ad5db81be96dcffb6d27b9a551381bf717a03476522e5c7fda24_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:276508433afbe1fd8101f70b4ad73d279594793f20660f57cfea384587726450_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:2e5e04ae665f4c12e02dfe366d5b44ebcaa2a10079909d3e11471b0a1a42199f_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:4ec5b7f9e4871c9f526693581d7fa8100ebd335a2e8ee241853182cacd9db1e2_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:337341fac7bf5dab19944d767f57dad2b6a4a31f457cf0e232ef8da48a15f824_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:3904ab010f7bdd83c92c2b03f49bd483e9b007b73253755b9eb93b7be9720c9e_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ed27017eec8538a334365207ee56ebdc39b87650f04d96b52532a9f55dfe8844_s390x",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1e6ec233614244a12a6bb207a2c8a57c89541c4e1d2928013a73059c75d22a75_ppc64le",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a6cf88c5b7e7dc798683bdd9fa92a1d1c6b8a8fc7c7863239d181919b1de22e0_amd64",
            "8Base-RHACS-4.2:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d0ddf073f66d5e12797dc58c0c4a2f70580d5bf2031adde92fb4da46936b769a_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "postgresql: extension script @substitutions@ within quoting allow SQL injection"
    }
  ]
}

CVE-2023-39417 (GCVE-0-2023-39417)

Vulnerability from cvelistv5

Published

2023-08-11 12:19

Modified

2025-10-04 00:57

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Summary

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-39417	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2228111	issue-tracking, x_refsource_REDHAT
	https://www.postgresql.org/support/security/CVE-2023-39417

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Advanced Cluster Security 4.2

Unaffected: 4.2.4-6 < *
cpe:/a:redhat:advanced_cluster_security:4.2::el8

Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 < * cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 < * cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39417",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-09T13:38:12.203477Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-09T13:38:20.616Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:10:20.829Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
          },
          {
            "name": "RHBZ#2228111",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00003.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230915-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5553"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5554"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-08-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, \u0027\u0027, or \"\"). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-04T00:57:16.001Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-39417"
        },
        {
          "name": "RHBZ#2228111",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228111"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-39417"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-08-01T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-08-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: extension script @substitutions@ within quoting allow sql injection",
      "x_redhatCweChain": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-39417",
    "datePublished": "2023-08-11T12:19:15.108Z",
    "dateReserved": "2023-08-01T09:31:02.842Z",
    "dateUpdated": "2025-10-04T00:57:16.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5868 (GCVE-0-2023-5868)

Vulnerability from cvelistv5

Published

2023-12-10 17:56

Modified

2025-10-04 00:57

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-686 - Function Call With Incorrect Argument Type

Summary

A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-5868	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2247168	issue-tracking, x_refsource_REDHAT
	https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
	https://www.postgresql.org/support/security/CVE-2023-5868/

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Advanced Cluster Security 4.2

Unaffected: 4.2.4-6 < *
cpe:/a:redhat:advanced_cluster_security:4.2::el8

Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 < * cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 < * cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.651Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
          },
          {
            "name": "RHBZ#2247168",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Jingzhou Fu as the original reporter."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with \u0027unknown\u0027-type arguments. Handling \u0027unknown\u0027-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-686",
              "description": "Function Call With Incorrect Argument Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-04T00:57:12.858Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5868"
        },
        {
          "name": "RHBZ#2247168",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247168"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5868/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: memory disclosure in aggregate function calls",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-686: Function Call With Incorrect Argument Type"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5868",
    "datePublished": "2023-12-10T17:56:57.176Z",
    "dateReserved": "2023-10-31T03:56:17.314Z",
    "dateUpdated": "2025-10-04T00:57:12.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5870 (GCVE-0-2023-5870)

Vulnerability from cvelistv5

Published

2023-12-10 17:58

Modified

2025-10-04 00:57

Severity ?

2.2 (Low) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Summary

A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-5870	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2247170	issue-tracking, x_refsource_REDHAT
	https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
	https://www.postgresql.org/support/security/CVE-2023-5870/

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Advanced Cluster Security 4.2

Unaffected: 4.2.4-6 < *
cpe:/a:redhat:advanced_cluster_security:4.2::el8

Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 < * cpe:/a:redhat:rhel_eus:9.2::crb cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 < * cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Software Collections	cpe:/a:redhat:rhel_software_collections:3

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.816Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
          },
          {
            "name": "RHBZ#2247170",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5870",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2023-12-19T19:42:25.492582Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-02T17:04:19.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Hemanth Sandrana and Mahendrakar Srinivasarao as the original reporters."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-04T00:57:37.206Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5870"
        },
        {
          "name": "RHBZ#2247170",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247170"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5870/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: role pg_signal_backend can signal certain superuser processes.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5870",
    "datePublished": "2023-12-10T17:58:30.213Z",
    "dateReserved": "2023-10-31T03:56:58.366Z",
    "dateUpdated": "2025-10-04T00:57:37.206Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5869 (GCVE-0-2023-5869)

Vulnerability from cvelistv5

Published

2023-12-10 17:56

Modified

2025-10-04 00:54

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2023:7545	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7579	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7580	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7581	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7616	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7656	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7666	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7667	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7694	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7695	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7714	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7770	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7771	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7772	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7778	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7783	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7784	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7785	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7786	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7788	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7789	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7790	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7878	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7883	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7884	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2023:7885	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0332	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0337	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-5869	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2247169	issue-tracking, x_refsource_REDHAT
	https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/
	https://www.postgresql.org/support/security/CVE-2023-5869/

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Advanced Cluster Security 4.2

Unaffected: 4.2.4-6 < *
cpe:/a:redhat:advanced_cluster_security:4.2::el8

Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-6 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Advanced Cluster Security 4.2	Unaffected: 4.2.4-7 < * cpe:/a:redhat:advanced_cluster_security:4.2::el8
Red Hat	Red Hat Enterprise Linux 7	Unaffected: 0:9.2.24-9.el7_9 < * cpe:/o:redhat:enterprise_linux:7::computenode cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::client cpe:/o:redhat:enterprise_linux:7::server
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113712.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231128173330.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231201202407.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8090020231114113548.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions	Unaffected: 8010020231130170510.c27ad7f8 < * cpe:/a:redhat:rhel_e4s:8.1::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 8020020231201202149.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 8020020231201202149.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231128165246.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 8020020231201202149.4cda2c84 < * cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 8040020231127142440.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 8040020231127142440.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127153301.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127154806.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 8040020231127142440.522a0ee4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231114115246.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231128165328.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 8060020231201202249.ad008a3a < * cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231114105206.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231128165335.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231201202316.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 8080020231113134015.63b34585 < * cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:13.13-1.el9_3 < * cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 9030020231120082734.rhel9 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:13.13-1.el9_0 < * cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:13.13-1.el9_2 < * cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 9020020231115020618.rhel9 < * cpe:/a:redhat:rhel_eus:9.2::appstream
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:12.17-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:10.23-2.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	Red Hat Software Collections for Red Hat Enterprise Linux 7	Unaffected: 0:13.13-1.el7 < * cpe:/a:redhat:rhel_software_collections:3::el7
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-7 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-3.74-RHEL-8	Unaffected: 3.74.8-9 < * cpe:/a:redhat:advanced_cluster_security:3.74::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	RHACS-4.1-RHEL-8	Unaffected: 4.1.6-6 < * cpe:/a:redhat:advanced_cluster_security:4.1::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.605Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7545",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7545"
          },
          {
            "name": "RHSA-2023:7579",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7579"
          },
          {
            "name": "RHSA-2023:7580",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7580"
          },
          {
            "name": "RHSA-2023:7581",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7581"
          },
          {
            "name": "RHSA-2023:7616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7616"
          },
          {
            "name": "RHSA-2023:7656",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7656"
          },
          {
            "name": "RHSA-2023:7666",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7666"
          },
          {
            "name": "RHSA-2023:7667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7667"
          },
          {
            "name": "RHSA-2023:7694",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7694"
          },
          {
            "name": "RHSA-2023:7695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7695"
          },
          {
            "name": "RHSA-2023:7714",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7714"
          },
          {
            "name": "RHSA-2023:7770",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7770"
          },
          {
            "name": "RHSA-2023:7771",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7771"
          },
          {
            "name": "RHSA-2023:7772",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7772"
          },
          {
            "name": "RHSA-2023:7778",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7778"
          },
          {
            "name": "RHSA-2023:7783",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7783"
          },
          {
            "name": "RHSA-2023:7784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7784"
          },
          {
            "name": "RHSA-2023:7785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7785"
          },
          {
            "name": "RHSA-2023:7786",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7786"
          },
          {
            "name": "RHSA-2023:7788",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7788"
          },
          {
            "name": "RHSA-2023:7789",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7789"
          },
          {
            "name": "RHSA-2023:7790",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7790"
          },
          {
            "name": "RHSA-2023:7878",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7878"
          },
          {
            "name": "RHSA-2023:7883",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7883"
          },
          {
            "name": "RHSA-2023:7884",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7884"
          },
          {
            "name": "RHSA-2023:7885",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7885"
          },
          {
            "name": "RHSA-2024:0304",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0304"
          },
          {
            "name": "RHSA-2024:0332",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0332"
          },
          {
            "name": "RHSA-2024:0337",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0337"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
          },
          {
            "name": "RHBZ#2247169",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240119-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.2.4-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::workstation",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.24-9.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113712.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231128173330.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231201202407.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020231114113548.a75119d5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.1::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8010020231130170510.c27ad7f8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231128165246.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020231201202149.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127153301.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127154806.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020231127142440.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231114115246.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231128165328.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020231201202249.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:13",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231114105206.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:12",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231128165335.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:10",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231201202316.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020231113134015.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9030020231120082734.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "postgresql:15",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020231115020618.rhel9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql12-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:12.17-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql10-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:10.23-2.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_software_collections:3::el7"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-postgresql13-postgresql",
          "product": "Red Hat Software Collections for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:13.13-1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3.74::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-3.74-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.74.8-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.1::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "RHACS-4.1-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.1.6-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "postgresql",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "postgresql:16/postgresql",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Pedro Gallegos as the original reporter."
        }
      ],
      "datePublic": "2023-11-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server\u0027s memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-04T00:54:34.099Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7545",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7545"
        },
        {
          "name": "RHSA-2023:7579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7579"
        },
        {
          "name": "RHSA-2023:7580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7580"
        },
        {
          "name": "RHSA-2023:7581",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7581"
        },
        {
          "name": "RHSA-2023:7616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7616"
        },
        {
          "name": "RHSA-2023:7656",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7656"
        },
        {
          "name": "RHSA-2023:7666",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7666"
        },
        {
          "name": "RHSA-2023:7667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7667"
        },
        {
          "name": "RHSA-2023:7694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7694"
        },
        {
          "name": "RHSA-2023:7695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7695"
        },
        {
          "name": "RHSA-2023:7714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7714"
        },
        {
          "name": "RHSA-2023:7770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7770"
        },
        {
          "name": "RHSA-2023:7771",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7771"
        },
        {
          "name": "RHSA-2023:7772",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7772"
        },
        {
          "name": "RHSA-2023:7778",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7778"
        },
        {
          "name": "RHSA-2023:7783",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7783"
        },
        {
          "name": "RHSA-2023:7784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7784"
        },
        {
          "name": "RHSA-2023:7785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7785"
        },
        {
          "name": "RHSA-2023:7786",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7786"
        },
        {
          "name": "RHSA-2023:7788",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7788"
        },
        {
          "name": "RHSA-2023:7789",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7789"
        },
        {
          "name": "RHSA-2023:7790",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7790"
        },
        {
          "name": "RHSA-2023:7878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7878"
        },
        {
          "name": "RHSA-2023:7883",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7883"
        },
        {
          "name": "RHSA-2023:7884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7884"
        },
        {
          "name": "RHSA-2023:7885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7885"
        },
        {
          "name": "RHSA-2024:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0304"
        },
        {
          "name": "RHSA-2024:0332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0332"
        },
        {
          "name": "RHSA-2024:0337",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0337"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5869"
        },
        {
          "name": "RHBZ#2247169",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247169"
        },
        {
          "url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/"
        },
        {
          "url": "https://www.postgresql.org/support/security/CVE-2023-5869/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-11-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Postgresql: buffer overrun from integer overflow in array modification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5869",
    "datePublished": "2023-12-10T17:56:57.131Z",
    "dateReserved": "2023-10-31T03:56:42.638Z",
    "dateUpdated": "2025-10-04T00:54:34.099Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

RHSA-2024:0337

Vulnerability from csaf_redhat

CVE-2023-39417 (GCVE-0-2023-39417)

Vulnerability from cvelistv5

CVE-2023-5868 (GCVE-0-2023-5868)

Vulnerability from cvelistv5

CVE-2023-5870 (GCVE-0-2023-5870)

Vulnerability from cvelistv5

CVE-2023-5869 (GCVE-0-2023-5869)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature